Chevron Subpoenas Google, Yahoo & Microsoft To Get Info On Email Accounts Going Back Years

from the intimidation-or-legitimate-evidence-gathering? dept

Chevron is embroiled in a big lawsuit with some folks in Ecuador that has been going on for 19 years, and resulted in an $18.2 billion judgment against the company for environmental damage in the country. Chevron is accusing the lawyer for the Ecuadorians of racketeering. A New Yorker article from earlier this year goes into significant detail about the case, including Chevron arguing that the whole thing is "a shakedown," and questioning whether or not the lawyer went too far in the case.

We actually wrote about this case a few years ago, when Chevron sought footage that a documentary filmmaker had taken of people involved in the case, including the lawyer, Steven Donziger. While it seemed like the filmmaker should have the right to protect the work like journalists protect their sources, a court ordered it turned over to Chevron. That footage turned out to provide info that Chevron believes shows evidence of racketeering in trying to influence the court decision. Here's the New Yorker describing some of what was in the footage:

As Mastro played a series of outtakes for Judge Kaplan, Donziger’s outspokenness was on full display. He riffed, indignantly, about the inadequacies of the Ecuadoran legal system. “They’re all corrupt,” he says of Ecuadoran judges in one clip. “It’s their birthright to be corrupt.”

... In one scene, a scientific expert for the plaintiffs tells him that one measurement of groundwater contamination was not as strong as he had thought. “This is Ecuador, O.K.?” Donziger says. “At the end of the day, if there’s a thousand people around the courthouse you’re going to get what you want.” As for the scientific data, he adds, it’s “just a bunch of smoke and mirrors and bullshit.”

[...] In another scene that Mastro showed to the court, Donziger chats with associates over dinner at a restaurant. Someone at the table, referring to the popular antipathy toward Chevron in Ecuador, suggests that if the judge in Lago Agrio ruled against the plaintiffs he might be killed.

“He might not be,” Donziger replies, cradling a glass of red wine. “But he thinks he will. Which is just as good.”

All of this, plus some other evidence led Chevron to go after Donziger for racketeering. And, as part of that, it has sent a subpoena to Google, Microsoft and Yahoo seeking information on more than 70 email accounts, claiming that this info may help them show that Donziger was "falsifying evidence from the outset of the trial in Ecuador." CNET notes that Chevron believes that among other things, the lawyers for the Ecuadorians may have been involved in "blackmailing a judge, ghostwriting expert reports, and even helping to draft the court's final opinion."

It's important to note that Chevron is not (yet) seeking the contents of the email, but a variety of information about the accounts -- such as IP address info, physical address, phone numbers and billing info (if available). The idea seems to be that Chevron believes some of the addresses have been faked, and this will help to show that. However, some of the requests clearly seem to be overly broad -- including going after law professor and blogger Kevin Heller, who was not happy about this. Heller was able to have the ACLU call Chevron on his behalf about this -- getting them to drop the request for his info. Chevron claims that this helped them prove that Heller's account belonged to a real person, which is all they're seeking, but Heller is justifiably upset about all of this, sensing significant chilling effects and worrying about possible intimidation.

I will likely never know why Chevron subpoenaed me. But I do know that it is unacceptable for a party to litigation to try to obtain private information from a blogger-journalist who has criticized its tactics. This is not about my journalistic freedom; it is about the journalistic freedom of all bloggers. And it is not about Chevron; it is about any party that thinks it is acceptable to subpoena a blogger’s private information. I would be no less critical of an attempt by Greenpeace to subpoena Glenn Reynolds. Tactics like this need to be exposed and resisted, no matter who uses them or whom they target; passive acquiescence is simply an invitation to further abuses.

Heller also goes after Google, his email provider, for not more actively fighting back on his behalf:

I also think that Google needs to do far more to protect the privacy of its users. Twitter has been very active in resisting attempts to obtain its users’ private information. Google has also done so in the past, but it did nothing to help me, even after I informed it via email that I was a law professor and a blogger-journalist. But again, this isn’t about me. It’s about all the other bloggers who might find themselves facing a similar subpoena. I’m lucky: I have friends like Glenn Greenwald to ask for help. I’m sure that the ACLU would assist anyone in my position — but not everyone knows that the ACLU is out there, much less that no case is seemingly too small or too unimportant for them to be concerned. More importantly, the ACLU should not have to get involved in every case like this one (and again, I am but one of 44 people named in the subpoena); Google itself — and all other service providers in similar situations — need to be the first line of defense.

Google has asked the judge for more time to respond to the subpoenas, which Chevron has already agreed to. The magistrate judge is also going to hold a hearing in a few weeks to "evaluate" the subpoenas. Microsoft told Declan McCullagh at CNET that it had provided notice to the Microsoft accounts in question. Yahoo didn't respond to McCullagh's questions about the subpoenas, so it's unclear what they've done.

There may be legitimate reasons for Chevron's request, but given Heller's experience, it certainly appears that the fishing expedition is overly broad, and could have significant chilling effects in intimidating people who were legitimately helping out with the case. That should be a big concern, and the judge should be exceptionally careful in making the companies reveal info on these email accounts. We've talked in the past about things like the Dendrite rules for determining when possibly identifying info on anonymous people should be allowed, as it sets a high bar that protects a person's right to anonymity. Hopefully the court recognizes that Chevron's requests seem to go too far.

Reader Comments

This shows the risks of centralized services, as without them chevron would have had to find owners for hundreds or thousands of sites. The existence of centralized services temos biog corporations and governments to try fishing expeditions as it is a few subpoenas.

Re:

Indeed, yes. Remember kiddies, any data not on a machine you physically control can be accessed by any government entity, well-financed non-government entity, or employee of whoever it is that does physically control the machine(s) your data is on. And we haven't even mentioned hackers.

In this day and age, trusting third parties to hold your data seems outrageously risky.

Re: Re:

In this day and age, trusting third parties to hold your data seems outrageously risky.

Depends on what you consider a risk. If you're worried about physical theft, hacking, or data loss, then storing data in the cloud is less risky than maintaining sole control of your data. For most people at least.

Moreover, if you're worried about the government or some organization (mis)using legal process, consider that the government can always go after you personally if it can't go after your data.

Re: Re: Re:

While a government can go after an individual, it will be the individuals government. With centralised servers, several governments can go after many individuals data in a single action. They cam also get hold of the bulk data, and go fishing for interesting titbits to identify people to watch.
There is a significant difference between being able to search a few central repositories of data and monitoring individual connections to build the massive database to search.
As for back up, any removable storage can be kept at a friends or family members house. It is also possible to arrange for remote access to a server at a friends or family members house. Such arrangements can be mutual. This is also preferable to storing your data in a foreign country.

Re: Re: Re:

What AC said above. Also...

If you're worried about physical theft, hacking, or data loss, then storing data in the cloud is less risky than maintaining sole control of your data.

With the exception of physical theft, I disagree that the cloud is less risky on these fronts. Physical theft is pretty easy to mitigate, but the cloud (or any third party). Your hacking risk is different, but not greater, if you maintain your own data (with servers, there are more people "on the inside" where hacking is an easier and more tempting task). Data loss, like physical theft, is very easy to mitigate against, so there's no cloud advantage there.

Oh, and about data loss: when a third party holds your data, then they can withold your data/go out of business/get all their servers seized.

Moreover, if you're worried about the government or some organization (mis)using legal process, consider that the government can always go after you personally if it can't go after your data.

Yes they can, and making them do so gives two advantages to you: first, they have to get a warrant to do it (most third parties will not require this) and second, you'll know that they did it (third parties can be required to keep the whole thing a secret from you).

Also, holding the data yourself means that you're safer from corporate access to your data. Remember, when you're dealing with a private company you have no Constitutional protections.